Russian hackers target French election: Moscow may be meddling in favor of Marine Le Pen

Russian hackers are apparently not content to settle with only interfering in American elections

Shares

April 26, 2017 1:07AM (UTC)

The campaign of French presidential candidate Emmanuel Macron has been targeted by hackers that are linked to Russia and may be the same hackers responsible for breaching the emails of Democratic officials before last year's election in the U.S., according to warnings from a cybersecurity firm in a new report.

Security researchers from Trend Micro said on March 15 that a hacking group that they believe to be a Russian intelligence unit began sending emails with links to fake websites in order to bait campaign officials into revealing their passwords — a common technique known as phishing. The New York Times reported:

Advertisement:

The group began registering several decoy internet addresses last month and as recently as April 15, naming one onedrive-en-marche.fr and another mail-en-marche.fr to mimic the name of Mr. Macron’s political party, En Marche.

Those websites were registered to a block of web addresses that Trend Micro’s researchers say belong to the Russian intelligence unit they refer to as Pawn Storm, but is alternatively known as Fancy Bear, APT 28 or the Sofacy Group. American and European intelligence agencies and American private security researchers determined that the group was responsible for hacking the Democratic National Committee last year.

Weeks ago, Macron's digital director Mounir Mahjoubi said that he had "strong suspicions" Moscow was behind a series of "highly sophisticated" attempts to get inside the campaign's email accounts.

“The phishing pages we are talking about are very personalized web pages to look like the real address,” Mahjoubi said, according to the New York Times. Adding, “It’s exactly the same page. That means there was talent behind it and time went into it: talent, money, experience, time and will.”

The attacks to gain access to campaign email accounts were unsuccessful.

Trend Micro plans to release a full report on Tuesday that provides details of the cyberattacks in the recent weeks. The report will also include details of attacks against members of Germany’s Konrad-Adenauer Stiftung, a political foundation that is connected to Chancellor Angela Merkel's party, according to the Times:

This winter, the campaign’s website also came under attack. The attacks coincided with highly slanted articles about Mr. Macron on the French language services of Sputnik and RT, formerly Russia Today. Both are state-funded Russian news media outlets.

The coincidence of the hacking of the Macron campaign website, the phishing attacks and the slanted articles caused Mr. Mahjoubi to consider that there might be Russian involvement. “That was only a supposition,” he said, based on the timing.

Mr. Mahjoubi described the phishing attacks as the “invisible side” of an apparent Russian campaign to hurt Mr. Macron, while the “visible side” took the form of fake news or slanted stories in the French-language Russian media.

The second round of France's presidential contest pitting Macron against Kremlin-friendly far right leader Marine Le Pen is two weeks away.

Charlie May

Charlie May is a news writer at Salon. You can find him on Twitter at @charliejmay